I can see two options here that depends on your needs:
1. use console server REST api if you plan to employ the usage of console in your case as well, not talking about using it from the smartphone app but rather for admins/operators to perform additional actions on the processes and tasks
2. if option one is not valid in your case then I would go for using jBPM API instead of adding unnecessary layer (console server REST api) that will do pretty much the same what you need to do while embedding jBPM into your application
Can you please provide me any sample/guide? By using that i can call any process instance running in BPM engine. The issue i am facing is bypassing the "Form Based Authentication". Once i bypass the authentication part from my web module and then i can access the JSON file by invoking/reading using the REST call, and after that the rest of the part is pretty simple. I will appreciate if you can throw some light on this.
Did you find solution for this problem? I'm facing similar challenge. I tried removing security filter entry in web.xml of jbpm-console. It helps in getting rid of authentication layer, but the problem is, few rest api calls are stateful and they fail if we remove auth layer.
Have you considered upon security if you bypass the auth layer? In my case, my custom app and the jbpm console, both will be behind a firewall. I'll provide authentication from my custom app and jbpm console rest api will be reachable only from my custom web app.